CVE-2006-2437

Name of the Vulnerable Software and Affected Versions Caucho Resin versions 3.0.17 through 3.0.18

Description The issue allows remote attackers to obtain the source code for files under the web root. This is achieved through the file parameter in the viewfile servlet, which is part of the documentation package (resin-doc) for Caucho Resin.

Recommendations For versions 3.0.17 and 3.0.18, consider restricting access to the viewfile servlet to minimize the risk of exploitation. As a temporary workaround, avoid using the file parameter in the affected servlet until a patch is available.